#!/usr/bin/env bash # # Basic development provision example # # Copyright (C) 2017 Silvio Rhatto - rhatto at riseup.net # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published # by the Free Software Foundation, either version 3 of the License, # or any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # # Parameters DIRNAME="`dirname $0`" BASENAME="`basename $0`" HOSTNAME="$1" DOMAIN="$2" MIRROR="$3" APT_INSTALL="sudo LC_ALL=C DEBIAN_FRONTEND=noninteractive apt-get install -y" # Ensure we're in the home folder cd # Security sudo sysctl kernel.unprivileged_bpf_disabled=1 echo "kernel.unprivileged_bpf_disabled=1" | sudo tee /etc/sysctl.d/kernel.unprivileged_bpf_disabled.conf > /dev/null # Configuring APT sudo apt-get update $APT_INSTALL apt-transport-https || exit 1 sudo sed -i -e "s|http://http.debian.net|https://deb.debian.org|g" /etc/apt/sources.list || exit 1 sudo sed -i -e "s|http://deb.debian.org|https://deb.debian.org|g" /etc/apt/sources.list || exit 1 sudo sed -i -e "s|main$|main contrib non-free|g" /etc/apt/sources.list || exit 1 # Upgrade if which hydractl &> /dev/null; then hydractl upgrade else sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get autoremove -y && sudo apt-get clean || exit 1 fi # Dependencies echo "Installing basic dependencies..." $APT_INSTALL git curl make wipe man || exit 1 # Tools if [ ! -e "apps/infection" ]; then rm -rf apps git clone --recursive https://git.fluxo.info/rhatto/apps apps/infection init else echo "Updating locally-installed apps and dotfiles..." apps/infection fetch apps/infection merge apps/metadot/metadot fetch apps/metadot/metadot merge fi apps/metadot/metadot load-bundle development apps/metadot/metadot deps-bundle development # Set user shell if [ -x "/bin/zsh" ]; then sudo chsh -s /bin/zsh `whoami` fi # Install hydra system-wide apps/hydra/hydractl install # Install trashman system-wide sudo apps/trashman/trashman install trashman # Hibernation support # https://wiki.archlinux.org/index.php/Swap#Swap_file # https://wiki.archlinux.org/index.php/Uswsusp if ! grep -q "/swapfile" /etc/fstab; then echo "Configuring hibernation..." sudo fallocate -l 2G /swapfile sudo chmod 600 /swapfile sudo mkswap /swapfile sudo swapon /swapfile echo "/swapfile none swap defaults 0 0" | sudo tee -a /etc/fstab > /dev/null $APT_INSTALL uswsusp echo "RESUME=/swapfile" | sudo tee /etc/initramfs-tools/conf.d/resume > /dev/null sudo update-initramfs -u fi # GRUB timeout if ! grep -q "GRUB_TIMEOUT=1" /etc/default/grub; then sudo sed -i -e 's|GRUB_TIMEOUT=5|GRUB_TIMEOUT=1|' /etc/default/grub sudo update-grub fi # Serial console support for VMs not created by a recent kvmx-create if ! grep -q "GRUB_TERMINAL=serial" /etc/default/grub; then # Serial console support echo '' | sudo tee -a /etc/default/grub > /dev/null echo '# Custom configuration' | sudo tee -a /etc/default/grub > /dev/null echo 'GRUB_TERMINAL=serial' | sudo tee -a /etc/default/grub > /dev/null echo 'GRUB_SERIAL_COMMAND="serial --speed=115200"' | sudo tee -a /etc/default/grub > /dev/null echo 'GRUB_CMDLINE_LINUX="console=ttyS0,115200n8"' | sudo tee -a /etc/default/grub > /dev/null sudo update-grub fi # Fstrim # See https://pve.proxmox.com/wiki/Shrink_Qcow2_Disk_Files sudo fstrim -av sudo sync